<style>
.pure_form_extra { background: #fff; padding: 10px; border: 1px solid #aaa; border-radius: 8px; font-size: 12px; font-family: Trebuchet MS; }
.pure_form_extra label { font-size: 12px !important; }
.pure_form_od { background: #fff; padding: 10px; border: 1px solid #aaa; border-radius: 8px; }
.pure_form_od label { font-size: 14px !important; }
.pure_form_od label.subtitle { font-weight: bold !important; }
.pure_form_pay { background: #fff; padding: 10px; border: 1px solid #aaa; border-radius: 8px; }
.pure_form_pay legend { border-bottom: 1px solid #ddd; padding-bottom: 5px; padding-left: 20px; font-weight: bold; }
.pure_form_pay div { font-size: 12px; }
.pure_button_cart { margin-left: 5px; font-weight: bold; font-size: 14px !important; }
</style>

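<?php
/*
 * Order detail page, prologue.
 *
 * Looks up the order named by the 'od' parameter, decides whether the current
 * visitor may see it, and (only when they may) prepares the POST context used
 * further down to fetch the rendered order from __odcn.php.
 *
 * Variables left for the template below:
 *   $order_number  the requested order number
 *   $data          matching rows from pb_ecom_order (zero rows means not found)
 *   $is_allowed    1 when the visitor may view the order, otherwise 0
 *   $context       stream context carrying the order payload, or null
 *   $currs         rows from pb_ecom_currency ordered by title
 *
 * $orm and Utils are provided by the including script.
 */
$user = null;
if (isset($_SESSION['user'])) {
  // json_decode() yields null on malformed JSON, so a damaged session value
  // simply leaves the visitor treated as not signed in.
  $user = json_decode($_SESSION['user']);
}

// NOTE(review): Utils::get_param() is defined elsewhere; presumably it reads the
// request, so $order_number is treated as untrusted here. It reaches the database
// only as a bound parameter (:v1), never concatenated into the condition.
$order_number = Utils::get_param('od', NULL);

$is_allowed = 0;
// Defined on every path so the template never reads an undefined variable.
$context = null;

$opts = new stdClass();
$opts->cd = 't.order_number = :v1';
$opts->cdv = array(':v1' => $order_number);
$data = $orm->get('pb_ecom_order', NULL, NULL, NULL, NULL, $opts)->d;

if (count($data) > 0) {
  // Owner check. Both ids are normalised to strings and compared strictly so
  // that loose-comparison type juggling in this authorization decision cannot
  // make two different ids compare equal.
  if ($user && isset($user->id) && (string)$data[0]->customer_id === (string)$user->id) {
    $is_allowed = 1;
  }
  // Orders stored with customer_id 0 are viewable by any visitor, signed in or not.
  // NOTE(review): for these orders the order number is the only thing protecting
  // the record, so it has to be long and unpredictable, and lookups should be
  // rate-limited; confirm how order numbers are generated.
  if ($data[0]->customer_id == 0) {
    $is_allowed = 1;
  }

  $opts = new stdClass();
  $opts->cd = 't.order_id = :v1';
  $opts->cdv = array(':v1' => $data[0]->id);
  $data[0]->__purchases = $orm->get('pb_ecom_purchase', NULL, NULL, NULL, NULL, $opts)->d;

  // Cache the first pb_ecom_admin row in the session as the shop profile.
  if (!isset($_SESSION['profile'])) {
    $rslt = $orm->get('pb_ecom_admin', NULL, NULL, NULL, NULL, NULL)->d;
    if (count($rslt) > 0) {
      $_SESSION['profile'] = $rslt[0];
    }
  }

  // The profile is still unset when pb_ecom_admin has no rows; fall back to null
  // instead of dereferencing a missing session entry.
  $data[0]->__shop = isset($_SESSION['profile']->shop_name) ? $_SESSION['profile']->shop_name : null;

  // Serialise the order only for a visitor who passed the check above, so an
  // unauthorised request never has the order payload assembled for it.
  if ($is_allowed == 1) {
    // NOTE(review): the whole order row (every column plus its purchases) is
    // posted to __odcn.php. That script is fetched over HTTP, so verify that it
    // escapes every field it prints and that it is not usable by arbitrary
    // clients posting their own 'od' value.
    $postdata = http_build_query(
      array(
        'od' => json_encode($data[0])
      )
    );
    $opts = array('http' =>
      array(
        'method'  => 'POST',
        'header'  => 'Content-type: application/x-www-form-urlencoded',
        'content' => $postdata
      )
    );
    $context  = stream_context_create($opts);
  }
}

$currs = $orm->get('pb_ecom_currency', 't.title', 'ASC', NULL, NULL, NULL)->d;
?>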

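<table cellpadding=0 cellspacing=0>
  <tr>
    <td style="width: 730px; vertical-align: top; padding-right: 10px;">
      <?php if (count($data) == 0) {
        /*
         * "Order not found" message. The order number is the value the visitor
         * supplied, so it is HTML-escaped before being written back into the
         * page; echoing it raw would let markup in the parameter run in the
         * visitor's browser. The cast avoids passing null to htmlspecialchars().
         * NOTE(review): assumes the page is served as UTF-8; confirm. If
         * Utils::get_param() already HTML-encodes, this only double-encodes.
         */
      ?>
      <div class="pure-form pure-form-aligned pure_form_extra">找不到订单 <?php echo htmlspecialchars((string)$order_number, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></div>
      <?php } else if ($is_allowed == 0) {
        /* The order exists but the visitor is neither its owner nor is it a customer_id 0 order. */
      ?>
      <div class="pure-form pure-form-aligned pure_form_extra">您无权限查看该订单</div>
      <?php } else {
        /*
         * Authorised: POST the order to __odcn.php and print the HTML it returns
         * verbatim, so escaping of order fields is that script's responsibility.
         * file_get_contents() returns false on failure, which prints nothing.
         * NOTE(review): URL and HOME_DIR are defined elsewhere; they should come
         * from fixed configuration, not from the request's Host header, so the
         * server-side fetch target cannot be influenced by a client. Confirm.
         */
      ?>
      <?php echo file_get_contents(URL . HOME_DIR . '__odcn.php', true, $context); ?>
      <?php } ?>
    </td>
    <td style="width: 230px; vertical-align: top;"><?php include PLGN_DIR . basename(dirname(__FILE__)) . '/inc.rightbar.php'; ?></td>
  </tr>
</table>
<div>&nbsp;</div>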